tag:blogger.com,1999:blog-13041189495452380622024-03-19T03:56:09.096+01:00An ownCloud BlogUnknownnoreply@blogger.comBlogger1125tag:blogger.com,1999:blog-1304118949545238062.post-66143802989126319772014-11-01T23:24:00.000+01:002015-02-19T09:38:18.158+01:00ownCloud HTTPS External MountIn the <a href="http://volkangezerr.scienceontheweb.net/icerikgoster.php?tur=ownCloud&id=304&t=Another%20ownCloud%207%20review" target="_blank">previous article</a>, External
storage support of ownCloud has been mentioned briefly. In this
article, you will be learning how you can mount an ownCloud instance
with self-signed certificate into your to ownCloud instance. Of
course, the same procedure can be used for other mounting options.
<br />
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
Self-signed certificates are the most
simple and the free way to have a HTTPS-enabled server. However, when
a user enters the page, depending on the browser, gets a warning. On
Firefox the following page is shown:</div>
<div style="margin-bottom: 0cm;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://www.blogger.com/blogger.g?blogID=1304118949545238062" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=1304118949545238062" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=1304118949545238062" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=1304118949545238062" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=1304118949545238062" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=1304118949545238062" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://www.blogger.com/blogger.g?blogID=1304118949545238062" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVrJg_zhtfNZZz-eXlNVaAkI17s8gApq05spAxDQU4NLqRjribREFkqsDoq4b0Qv8Qfu3XY9q8dS5tIbawrLR1wsn4VeEs55xVLDint2x3aVBY9W-cNWvKuLGt7f7Rw8lJ7gpCRDNIF0Y/s1600/external_mount_html_212ff236.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVrJg_zhtfNZZz-eXlNVaAkI17s8gApq05spAxDQU4NLqRjribREFkqsDoq4b0Qv8Qfu3XY9q8dS5tIbawrLR1wsn4VeEs55xVLDint2x3aVBY9W-cNWvKuLGt7f7Rw8lJ7gpCRDNIF0Y/s1600/external_mount_html_212ff236.png" height="229" width="400" /></a></div>
<br />
<br /></div>
<div style="margin-bottom: 0cm;">
On Chrome/Chromium, the https prefix is
shown red and padlock is not green:</div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghPeSIR98CMI9fFwSOlgbjl2GOyUNHSpGepd3i_9V4oterZPNxex7PX1W5GkjPFqv-_wyZkShx7LU-okI_qDlGDCS3HysT0g7_2l3gOeFj4plDrxhT8EEfL0vsFT1_TDocleNcxjwlk-0/s1600/chromium_self.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghPeSIR98CMI9fFwSOlgbjl2GOyUNHSpGepd3i_9V4oterZPNxex7PX1W5GkjPFqv-_wyZkShx7LU-okI_qDlGDCS3HysT0g7_2l3gOeFj4plDrxhT8EEfL0vsFT1_TDocleNcxjwlk-0/s1600/chromium_self.png" /></a></div>
<br /></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
The warnings here show that the
certificate is signed by an untrusted issuer. The risk of a
self-signed certificate is that they can never be verified
extensively. If you handed the public key to users, they can
ignore the warning. If not, there might be the case that the server
is under attack and the key was modified by an attacker. See <a href="http://security.stackexchange.com/questions/8110/what-are-the-risks-of-self-signing-a-certificate-for-ssl">this
question</a> for detailed explanation. To continue, on Firefox, you
need to add an exception to the certificate by clicking on <i>I
understand the risks</i> and <i>Add exception</i>:</div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3c1EBKvg5c8tV6TCzjwS_lxBuhM2xU29LsQxcfWDbcetOQRel5Apn7QqgVNGL-xxCodoNBenBv3jS7zO0gLJu6J6uQRNZL8wJq8VjCacIiMQRPFH8UmhNEshNxtacLhDxZnQsUd_VQqE/s1600/firefox_self1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3c1EBKvg5c8tV6TCzjwS_lxBuhM2xU29LsQxcfWDbcetOQRel5Apn7QqgVNGL-xxCodoNBenBv3jS7zO0gLJu6J6uQRNZL8wJq8VjCacIiMQRPFH8UmhNEshNxtacLhDxZnQsUd_VQqE/s1600/firefox_self1.png" height="440" width="640" /></a></div>
<br /></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
Later, you will be shown an <i>Exception
dialog</i> where you can confirm this security exception. In the next
visits, you will <b>NOT </b><span style="font-weight: normal;">be
asked for this certificate again unless the certificate changes.</span></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<span style="font-weight: normal;">On
Chrome/Chromium, you need to click on </span><i><span style="font-weight: normal;">Advanced</span></i><span style="font-weight: normal;">
link displayed in the page and choose </span><i><span style="font-weight: normal;">Continue
with ... (unsecured)</span></i><span style="font-weight: normal;">.</span></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="font-weight: normal; margin-bottom: 0cm;">
Similarly, if you
need to mount an SSL-enabled ownCloud instance, you need to tell your
ownCloud instance that you trust that server. For this, the users
need to import the Root Certificates for this server in their
Personal settings page.</div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<b>So, how do we get the certificate of
the server?</b></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<span style="font-weight: normal;">On
Firefox, click on </span><i><span style="font-weight: normal;">View</span></i><span style="font-weight: normal;">
in the windows shown above, and choose </span><i><span style="font-weight: normal;">Details</span></i><span style="font-weight: normal;">.
You will be shown a window similar to below:</span></div>
<div style="margin-bottom: 0cm;">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNgFVdGPM2Aa0lQTS9-HDCGeCW7TYjGzXLuM_xq_p8ajxHGW0ppS05EkRcHjtfoHzH5E4y65ZneCmfnv3bXMMcqQVcD35ncDFOg8zNdlH4P5KpCmBpKGWoMtUaL3tlbjtmAwc6_x5usAU/s1600/firefox_export.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNgFVdGPM2Aa0lQTS9-HDCGeCW7TYjGzXLuM_xq_p8ajxHGW0ppS05EkRcHjtfoHzH5E4y65ZneCmfnv3bXMMcqQVcD35ncDFOg8zNdlH4P5KpCmBpKGWoMtUaL3tlbjtmAwc6_x5usAU/s1600/firefox_export.png" height="640" width="610" /></a></div>
<br /></div>
<div style="font-weight: normal; margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
Click on <i>Export</i> and save the
certificate. If you already <i>confirmed </i>the exception, you may
not see this window again. In this case, to see the same window,
click on the padlock left of the address bar and click on <i>More
information</i>. In <i>Security</i> tab, choose <i>View Certificate</i>.</div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
On Chrome/Chromium, click on the
padlock next to address bar. On <i>Connection </i><span style="font-style: normal;">tab,
choose </span><i>Certificate information</i><span style="font-style: normal;">.
Go to </span><i>Details </i><span style="font-style: normal;">tab and
click on </span><i>Export </i><span style="font-style: normal;">to
export the certificate.</span></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
Next is to import this certificate into
our ownCloud instance. After enabling <i>External storage support</i>
in app management, enable user external storage in admin settings.
Make sure that ownCloud is checked.</div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
In <i>Personal settings</i><span style="font-style: normal;">,
try to mount the other instance into yours. Enter the URL of the
instance without HTTP or HTTPS prefix and check the </span><i>Secure</i><span style="font-style: normal;">
checkbox. You will (most likely) get a red indicator showing that
there is a problem with the setup:</span></div>
<div style="margin-bottom: 0cm;">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMQKJGmUZGmGIpFeE4lvTuF-fTbHrp1EntUoH-yHp23yxMhQlwRibcpkYrLQOojU4Bx8R4sg27cy38d8YCrpWRTqyaV6bSdWZK91SyvB1N52RWuSM_66lHocVwfwbn3vOLlJXIgxsBIQ8/s1600/external_add.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMQKJGmUZGmGIpFeE4lvTuF-fTbHrp1EntUoH-yHp23yxMhQlwRibcpkYrLQOojU4Bx8R4sg27cy38d8YCrpWRTqyaV6bSdWZK91SyvB1N52RWuSM_66lHocVwfwbn3vOLlJXIgxsBIQ8/s1600/external_add.png" height="322" width="640" /></a></div>
<br />
<br /></div>
<div style="font-style: normal; margin-bottom: 0cm;">
This means that we
need to import the server certificate into our instance to tell that
the connection can be trusted.</div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<span style="font-style: normal;">Scroll
down and find the </span><i>SSL root certificates</i><span style="font-style: normal;">
field. Click on </span><i>Import </i><span style="font-style: normal;">and
find the certificate that you have just exported.</span><br />
<span style="font-style: normal;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJXrf6yO1IJr-30l8dyHMqaAYJfi25fC1jhURJyDeuAvIMbUOMSt7WM_8FPN7sjmKdZchVVaw8YvpjHOx69XYybgnVrMOxUHyDtcrCU9GlzUjCA-HmilifFeQ8N68SdJyCCSALbAifbpQ/s1600/external_mount_html_m54031936.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJXrf6yO1IJr-30l8dyHMqaAYJfi25fC1jhURJyDeuAvIMbUOMSt7WM_8FPN7sjmKdZchVVaw8YvpjHOx69XYybgnVrMOxUHyDtcrCU9GlzUjCA-HmilifFeQ8N68SdJyCCSALbAifbpQ/s1600/external_mount_html_m54031936.png" height="180" width="640" /></a></div>
<span style="font-style: normal;"><br /></span></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<span style="font-style: normal;">Now
back to the </span><i>External storage</i><span style="font-style: normal;">
field, you will be seeing that the indicator is green and the
connection is successful. If you go to Files app, you will be seeing
that the new external folder named </span><i>ownCloud </i><span style="font-style: normal;">shown
using different icon.</span></div>
<div style="margin-bottom: 0cm;">
<br /></div>
<div style="font-style: normal; margin-bottom: 0cm;">
<br /></div>
<div style="margin-bottom: 0cm;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT1TES4bvn0WE4p5Oayiz3DrArHdNVNUVDfhABIkgZXiV2Tgo0qVS1Zty_O82KaR629JjCPplwTG3WuOn2opj43c-HGBVXeVmxsfdbWT0-y0jjK03rdZ4hV8WlUxbDUPopBSflhnbUxRc/s1600/external_mount_html_m393158d0.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT1TES4bvn0WE4p5Oayiz3DrArHdNVNUVDfhABIkgZXiV2Tgo0qVS1Zty_O82KaR629JjCPplwTG3WuOn2opj43c-HGBVXeVmxsfdbWT0-y0jjK03rdZ4hV8WlUxbDUPopBSflhnbUxRc/s1600/external_mount_html_m393158d0.png" height="180" width="640" /></a></div>
<br /></div>
<div style="font-style: normal; margin-bottom: 0cm;">
<br /></div>
<br />
<div style="margin-bottom: 0cm;">
If you have
imported your certificate, but still getting red indicator, make sure
that the Common Name has the same with the URL of the instance.</div>
Unknownnoreply@blogger.com9